-----Original Message-----
From: ietf-dkim-bounces(_at_)mipassoc(_dot_)org
[mailto:ietf-dkim-bounces(_at_)mipassoc(_dot_)org] On Behalf Of Hector Santos
Sent: Friday, January 25, 2008 2:28 PM
To: Frank Ellermann
Cc: ietf-dkim(_at_)mipassoc(_dot_)org
Subject: Re: [ietf-dkim] Re: SSP vs. reputation
Frank,
<snip>
It will not make sense for me to add DKIM=STRICT for
santronics.com and then go to some greeting card service and
use my santronics.com address for their services. It doesn't
make sense.
Actually Hector, you can feel perfectly comfortable using your
santronics.com email address with our greetingcard sites AND uasing
DKIM=STRICT. Try it, you'll like it <G>.
Over the course of the past year we re-architected our processes for
precisely the types of reasons that this discussion is happening. When
we send a greeting card we are using our email address - for example
ecards(_at_)americangreetings(_dot_)com - so that we are taking responsibility
for
the email we send. We expose your name and email address to the
recipient in the subject line and body of the email.
It makes perfect sense. I'm hoping that other social expressions sites
pick up on the fact that they can no longer (by this I mean that it is a
risky behavior and promotes abuse) use "your" email address as the Mail
From and From when they send a notification.
There are other pieces, parts and considerations besides DKIM in how we
re-architected to improve security. We aren't where we want to be but
are moving down the path as fast as we can. Sometimes it feels like I'm
turning an oil tanker.
Mike
DKIM=DKNY for geeks (Sorry, couldn't resist)
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html